Pro-ISIS Hackers Have Been Flexing Their Muscles – But Is There Any Real Cause For Concern?

Lion Caliphate, of Caliphate Cyber Army (CCA) and United Cyber Caliphate (UCC) notoriety, briefly left Facebook last week but returned as Lion Back.

Lion Caliphate, of Caliphate Cyber Army (CCA) and United Cyber Caliphate (UCC) notoriety, briefly left Facebook last week but returned with a new name– Lion Back. Site Intel Group, which tracks numerous hacker groups, has released several updates in regard to pro-ISIS hackers:

ISIS-affiliated hackers continue to issue OpSec tips, which include advice regarding the use of VPNs when on social media (Photo).

The Caliphate Cyber Army (CCA) recently redistributed a video featuring a US military kill list.

Shortly after the announced merger, the UCC targeted 3,000 New Yorkers, posting the names and other personal information of individuals on Telegram. The information was posted briefly and then removed, which led experts to believe it to be a fear-mongering tactic. Either way, the FBI said that all who were listed would be contacted, just in case.

A church website also fell victim to the UCC. “We will conquer your Rome, break your crosses and enslave your women by the permission of Allah, the Exalted,” said the video posted on the site of the Lamont Christian Reformed Church in Michigan. And, the site’s landing page bore the words “You have been hacked by the United Cyber Caliphate.”

Lion Caliphate had been operating under the UCC banner, but this week he has been posting content on Facebook as a member of the Cyber Caliphate Army.

ISIS recruiter and computer mastermind, Junaid Hussain left behind a widow when he was shot down in an airstrike last summer. Sally Jones (aka Umm Hussain Britaniya and the White Widow) continues her propaganda-filled social media campaign, often advocating violence and sometimes making threats. In October 2015, “she released, ‘the address & details of US Military target no.2 also one of America’s most decorated soldiers,’ Sgt. 1st Class Dillard Johnson on October 8, 2015. Making very clear why she released the information, Britaniya proclaimed, ‘Once again I leave these details online to cause havoc in his life & for my brothers and Al-Qaeda in the U.S to eventually hunt him down & kill him.’”

More recently, on May 25, Jones made references to drones and suicide attacks in a barrage of tweets. She also warned of terror attacks in various UK cities, including Glasgow and London and called on British women to carry out attacks during Ramadan in the UK.

Jones’ latest Twitter account (the account that issued the threats was suspended) is an Islamic State Hacking Division account. This particular group of hackers pledged allegiance to the Islamic State in late 2014.

Last month, the Islamic State Hacking Division published a hit list of over 70 US military personnel who have been involved in drone strikes against terror targets in Syria. The group’s followers were encouraged to “kill them wherever they are”. ‘The Sunday Times’ reported that these hackers, who have links to Britain, circulated online the names, addresses and photographs of over 70 US staff.

Though the current assembly of pro-ISIS hackers possesses minimal hacking skills,“groups concerned about ISIS cyberattacks should look for the hacking groups to use deep Web forums as a training ground for ISIS followers with low-level hacking abilities to improve their skills”, according to Flashpoint. “Expect ISIS hackers to download hacking tools from publicly available sources and use a combination of off-the-shelf and custom malware”, Flashpoint added.

“The Internet underlies virtually all of America’s critical infrastructure activities, including military, defense, commerce, finance, energy, transportation and healthcare. “[O]ur reliance on things like satellites and the Internet has led to real vulnerabilities that our adversaries are eager to exploit,” Defense Secretary Ash Carter said at a technology forum in September 2015. Attempts by terrorists at penetrating our power grid, industrial control systems and financial transactions are inevitable. A 2015 USA TODAY analysis of federal energy records found that part of the nation’s power grid is struck by a cyber or physical attack about once every four days. But the Internet of Things, increasing interconnectedness of technology, and rise of drones and self-driving cars will make the U.S. even more vulnerable to being hacked. A smartly-targeted, asymmetrical attack could bring the country to its knees.”

With Junaid Hussain and accomplice Ardit Ferizi out of commission, the confederation of pro-ISIS hackers doesn’t appear to pose much of a threat, but they are always scouting for new tech talent. So, the potential for widespread, possibly devastating impact is always present.

Share On

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.